According to Jim Meyering on 2/25/2010 11:30 AM: ACK on plugging the leak. However,...
> @@ -979,18 +980,12 @@ int openvzGetVEID(const char *name) { > return -1; > } > > - if (fscanf(fp, "%d\n", &veid ) != 1) { > + ok = fscanf(fp, "%d\n", &veid ) == 1; You're still keeping with fscanf. Isn't that dangerous, since fscanf is undefined in the presence of integer overflow (that is, if fp sends more decimal digits than fit in veid)? This seems like one of the reasons that coreutils completely prohibits *scanf (another being buffer overflow exploits with %s, but that's not relevant to this chunk of code). -- Eric Blake ebl...@redhat.com +1-801-349-2682 Libvirt virtualization library http://libvirt.org
signature.asc
Description: OpenPGP digital signature
-- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list